From the category archives:

Security & Privacy

The other night I spent about 2 1/2 hours at the house of a friend, trying to free his PC of some particularly nasty malware, SpyGuarder and Vista AntiVirus 2008. Both are classified as rogue anti-spyware programs. This type of malware tries to trick you into buying the full version by running a free “scan” with a trial version and showing you all sorts of viruses, trojans, keyloggers, etc. with which your system is supposedly infected. It then offers to remove all these infections if you’ll just click the link and upgrade to the full version of the program, which, of course, costs money. There are a number of problems with both these programs.

  1. Your system doesn’t really have the infections these programs claim. Or, to be more accurate, they have no way of knowing one way or the other, since the so-called “scans” they run are completely fake. Nor could they remove the infections if you did have them, since they do not actually fight spyware or viruses, and are likely to install some of their own. Of course, once you have paid, future “scans” will report that your system is now clean.
  2. These programs are obnoxiously persistent. Any attempt to cancel the scans, close the windows, or kill the processes just results in another process being launched.
  3. These programs prevent legitimate anti-spyware programs from installing and running. Generally, when trying to clean spyware out of a system, one of the first things I do is install and run Adaware from Lavasoft. Vista AntiVirus 2008 would not let me install it, popping up a fake system message saying, basically, that the Administrator for the PC has configured it to disallow “installations of this type.” Spybot Search & Destroy did work, but did not remove the two nasties I was dealing with. SpyGuarder similarly prevents Task Manager from launching, claiming that “Task Manager has been disabled by your Administrator.”
  4. The presence of either of these programs indicates that you may also have the Zlob trojan (which is known for installing rogue anti-spyware of this kind) or other dangerous trojans on the system.

No doubt some of you would have advised me to run various legitimate anti-malware applications like SpyHunter, which can apparently automate the removal of SpyGuarder and Vista AntiVirus 2008. Pride and miserliness made me opt to do it by hand, which I did with the help of instructions found here and here.

Vista AntiVirus 2008 has several other identities, all of which do the same bad things to your system, such as Windows Antivirus 2008, Windows AntiVirus Pro, etc. These, as well as SpyGuarder, are advertised on professional-looking web sites and give the appearance of being the most advanced anti-malware products on the market. Do not be fooled: do not install either of these products – the commercial or the free versions – on your computer under any circumstances. If you find you have been infected with either of them anyway (it’s possible to pick them up via a “drive-by” infection, with no action on your part beyond visiting a web page), take steps to remove them immediately.

Added 7/1/2008: I had to go back and remove yet another fake security program. His commercial virus protection had long since expired, so I installed AVG Free, which found and removed about a dozen viruses and trojans, but then his desktop and taskbar disappeared. After searching around on the internet, I found that Malwarebytes’ RogueRemover Free is a great free tool which completely fixed the desktop problems and removed some additional adware / spyware. It will definitely be joining Adaware and Spybot Search & Destroy in my arsenal.


Tips to Speed Up Your PC

by joe on May 23, 2008

Anyone who’s used a personal computer for more than a week or two has undoubtedly noticed a gradual decrease in performance. There can be a number of causes for this, and a number of steps you can take to recover this lost performance. There are also a few preventative measures that can help keep your computer running at top efficiency.

Spyware and Adware – sources and removal
Spyware and Adware are two types of malicious software (AKA malware) that infect PCs. Spyware collects information about a user’s surfing habits, purchasing preferences, etc. and sends it to marketing agencies. Adware presents unwanted advertisements to the user. The source of infection can be email attachments or files downloaded from the internet disguised as or embedded within useful software. Some adware and spyware can also be picked up simply by surfing to certain websites.
Removal is usually accomplished with the aid of utilities written for this purpose. Spybot Search & Destroy and Adaware are two long-standing products which offer free versions for personal, home use. Some objects embed themselves so deeply within the operating system that free tools cannot completely remove them. For those, or if you’re running in a corporate environment and want continuous updates and real-time protection, consider a commercial offering.

Unnecessary Services and Processes
The default installation of Windows configures a number of services that run automatically whenever the system is booted, many of which are never needed by the majority of users. Preventing these services from starting frees up memory and CPU time, and for the network-facing ones it also removes something an attacker could connect to. There are utilities that can make the job of identifying and disabling unnecessary services easier, but much of it can be done from Windows’ own services console. Getting to this console differs between versions of Windows, but it will be similar to this: Start->Control Panel->Administrative Tools->Services (or run services.msc). Here you will see the list of installed services. For each one you don’t want to run automatically every time you boot up, right-click on the name and select ‘Properties.’ In the dialog box, set the Startup Type to ‘Manual.’ If you’re sure you never want the service to run (for example, if you suspect it is some kind of malware), set it to ‘Disabled.’ You can always change it back to ‘Automatic’ if you experience problems. Once you’ve finished setting the startup type on the services you’ve modified, reboot: simply stopping a service does not always free up the resources it had reserved.
The following services are rarely needed by most users:
  1. Messenger Service (has nothing to do with instant messenger (IM) software; it displays “net send” pop-ups, which spammers abused for years)
  2. Remote Registry Service (do you ever need to edit your registry from a remote location? If not, it is only a way in for someone else)
  3. Error Reporting Service (pops up the annoying “notify Microsoft about this bug” dialog every time something crashes)
  4. Alerter (no need for this)
  5. Fast User Switching Compatibility (even with this disabled, you can still log off and log back on as someone else)
  6. Telnet (if you must allow a command-line logon from a remote location, use a secure shell (SSH) service instead; telnet sends the password over the network in clear text)
There are other services which you may be able to disable, and there are other (non-service) processes that Windows starts. You can see which processes are running on your system by opening Task Manager (Ctrl-Alt-Del -> Task Manager, or Ctrl-Shift-Esc) and selecting the Processes tab. These are started from registry entries (the Run keys under HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER), items in the Startup folder, scheduled tasks, and a number of other sources. With Task Manager you can kill any of these processes (if you know which ones should be killed), but unless you find out where they’re coming from and remove the source, they will simply start again at the next logon. All these processes (including the services) can be managed with a program called Wintask 5 (liutilities.com). This tool gives you access to one of the most complete process libraries available, with the ability to identify, remove, or block undesirable processes. It costs about $30.00, but a free trial can be downloaded from the company’s website.
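Here is an added example (my code, not from the original post) that does what the two paragraphs above describe from a PowerShell prompt instead of by clicking through the Services console and Task Manager: it lists the services set to start automatically along with the binary each one runs, lists the Run keys and Startup folders that bring a killed process back at the next logon, and sets the services named above to Manual. The service names in the list (Messenger, RemoteRegistry, ERSvc, Alerter, FastUserSwitchingCompatibility, TlntSvr) are the Windows XP service names and are an assumption; confirm them with Get-Service before changing anything. It needs PowerShell 3.0 or later and, for the Set-Service step, a session running as Administrator.

```powershell
# Added example, not code from the original post. Requires PowerShell 3.0+;
# the Set-Service step needs an elevated (Administrator) session.

# Services Windows starts automatically, with the binary each one runs.
# Win32_Service.StartMode is 'Auto', 'Manual' or 'Disabled'.
function Get-AutoStartService {
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.StartMode -eq 'Auto' } |
        Select-Object Name, DisplayName, State, PathName
}

# Non-service programs started at logon: the Run/RunOnce keys for the machine
# and the current user, plus the per-user and all-users Startup folders. A
# process killed in Task Manager usually comes back from one of these.
function Get-AutoRunEntry {
    $runKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            # Skip the PSPath/PSParentPath/... metadata PowerShell adds.
            if ($p.Name -like 'PS*') { continue }
            [PSCustomObject]@{ Source = $key; Name = $p.Name; Command = $p.Value }
        }
    }
    foreach ($folder in 'Startup', 'CommonStartup') {
        $path = [Environment]::GetFolderPath($folder)
        if ($path -and (Test-Path $path)) {
            Get-ChildItem -Path $path -File | ForEach-Object {
                [PSCustomObject]@{ Source = $path; Name = $_.Name; Command = $_.FullName }
            }
        }
    }
}

# The rarely needed services from the post, by service (not display) name.
# ASSUMPTION: these are the Windows XP names; check Get-Service on the target
# machine first. Manual is the safer default; pass -StartupType Disabled only
# when you are sure. Supports -WhatIf so the change can be previewed.
function Set-RarelyNeededServiceStartup {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string[]] $Name = @('Messenger', 'RemoteRegistry', 'ERSvc', 'Alerter',
                             'FastUserSwitchingCompatibility', 'TlntSvr'),
        [ValidateSet('Manual', 'Disabled')] [string] $StartupType = 'Manual'
    )
    foreach ($svc in $Name) {
        $s = Get-Service -Name $svc -ErrorAction SilentlyContinue
        if (-not $s) { Write-Verbose "$svc is not installed; skipping"; continue }
        if ($PSCmdlet.ShouldProcess($svc, "set startup type to $StartupType")) {
            Set-Service -Name $svc -StartupType $StartupType
            # Stop it now as well; the startup type only affects the next boot.
            if ($s.Status -eq 'Running') { Stop-Service -Name $svc -Force }
        }
    }
}

Get-AutoStartService | Format-Table -AutoSize
Get-AutoRunEntry     | Format-Table -AutoSize
# Preview only; drop -WhatIf to apply the change.
Set-RarelyNeededServiceStartup -WhatIf
```

Run the two listing functions before and after a cleanup and diff the output: an entry in a Run key or Startup folder whose Command points somewhere other than Program Files or the Windows directory is the usual place a persistent process is being relaunched from, and removing that entry (after checking what it is) is what actually stops it coming back.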

Optimize the Hard Drive(s)
Most people realize that they have to defragment their hard drives periodically or disk performance will suffer. Windows’ built-in defragmenter does an adequate job of defragmenting most files, but it has its limitations. Certain system files (including the registry hives) won’t be defragmented, and while it is running, other disk activity keeps interrupting it, so in practice you can’t use the system for much else. This program is actually a ‘light’ version of Diskeeper (diskeeper.com), which also comes in commercial flavors starting at about $30.00. For that price you get more efficient and complete defragmentation, which can run in the background using otherwise idle CPU and disk time (so it doesn’t slow your system down).

Clean the Registry
The last thing I generally do when optimizing a system is to clean / optimize the registry. This removes references to obsolete objects and redundant entries, and repairs broken links. Again, this is accomplished with a utility. Remember to back up the registry first: in the registry editor (regedit), select My Computer at the top of the tree and use File->Export with the export range set to ‘All’ (with a sub-key selected, only that branch is exported). Creating a System Restore point as well is worthwhile, because re-importing a .reg file puts the exported values back but does not remove keys that were added after the export. The best type of utility for cleaning the registry is one that can defragment as well as clean it, something like RegistryBooster 2 (liutilities.com).
All of these optimization steps either require a utility or can be made easier with one. You can acquire free utilities or commercial variants. If you’re going to consider commercial software, you can save money by buying a suite; you can usually pick up a package deal for significantly less than the cost of the individual components. Some, like PowerSuite from Uniblue, will also analyze and set the optimum parameters for your system’s memory, CPU, and network configuration. Note that PowerSuite includes a task manager, spyware removal and protection, and the RegistryBooster 2 registry cleaner, but, alas, it does not include disk optimization.


Dealing with Spyware and Adware

by joe on May 5, 2008

Two of the worst causes of problems in personal computers these days are spyware and adware. Spyware and adware are types of malicious software (AKA malware) that infect PCs. Unlike other malware such as viruses and trojans, spyware and adware don’t exist to cause damage directly, but to collect information about a user’s surfing habits, purchasing preferences, etc. and send it to marketing agencies (spyware), or to serve advertisements to the user, often making them appear as if they are normal pop-ups encountered while surfing the web (adware). Both of these types of malware consume CPU cycles, memory, and network bandwidth, causing degradation in system performance and stability. Severe infections can make surfing the internet impossible or even render the entire system unusable. On top of that, spyware is an invasion of privacy, because the data collected can be used not only to target you with unwanted advertising, but quite possibly for identity theft as well.

The source of these infections can be email attachments, or files downloaded from the internet disguised as (or embedded within) useful software. Some adware and spyware can also be picked up simply by surfing to certain websites.

Removal of this type of malware is usually accomplished with the aid of utilities written for this purpose. There are free and commercial products available, each with its own set of strengths. Spybot Search & Destroy (safer-networking.org) and Adaware (lavasoft.de) are two long-standing products which offer free versions for personal, home use. Running scans with both of these products, one after the other, will remove most malware. Some objects, however, embed themselves so deeply within the operating system that free tools cannot completely remove them. There are a number of other tools available for dealing with these nefarious objects, each customized for the particular type of infection it is designed to combat. For example, CWShredder (us.trendmicro.com) was designed to remove a rather insidious browser hijacker (CoolWebSearch), which redirects your searches, changes your home page, and creates bookmarks to other sites. Another tool for combating hijackers and other malware is HijackThis, also from Trend Micro. Both of these tools are for experienced, technical users: you have to know specifically what you’re looking for. This is especially true of HijackThis, which simply lists browser and startup entries without judging them, and will happily let you remove components that are actually quite critical to your system.

For infections that are harder to find and kill, or if you’re running in a corporate environment and want continuous updates and real-time protection, you should consider a commercial offering. Adaware Pro sells for $39.00. The cost of the corporate edition of Spybot S & D is not given on their website.

An ounce of Prevention
A strictly commercial product (with a free trial) is SpyEraser 2 from Uniblue ($29.95, uniblue.com). In addition to removing most spyware and adware, it offers real-time, continuous protection against becoming infected in the first place, and automatic daily updates. A free scan of your system is available from their website, as is an award-winning process library that can help you identify potentially dangerous processes running invisibly on your system.

Whether you decide to collect a set of free utilities or take the plunge and purchase a product depends on your level of expertise, the amount of free time you have to investigate and learn to use the various tools, and if you want or need the technical support that comes with a commercial product. In any case, it should be clear that you have to do something to combat spyware and adware on a regular basis if you want to keep your system running efficiently.


As reported a few months ago, I wrote a series of articles for an anonymous Helium Marketplace publisher related to PC Optimization. Well, they bought one – an article written ‘on spec’ about the benefits of a paid-for registry optimizer. Since I had an inkling that the publisher is Uniblue software, I made sure to mention their product. I did not mention it in the article, but my choice for free registry optimizers is CCleaner. Aside from that omission, the article has valid information concerning features to look for in a registry cleaner. An excerpt follows. For a limited time, the article can be read in its entirety. Once Uniblue publishes it, it will be removed from Helium, since they bought exclusive rights to the content.


This content was removed per the purchase agreement.  The original article can be read here, with someone else’s byline.  They can do that because they purchased exclusive rights. –Jp


This article was originally published by Triond on their web site ComputerSight. I thought it was time to reprint it here, so it appears below in its entirety.


Configuration Management (‘CM’ hereafter) means a lot of different things to different people. Weighty tomes have been written describing the goals, policies, procedures, benefits, pitfalls, and a variety of definitions of CM. One recent CM plan I worked on is a 20-something page document attempting to detail this information and how it relates to the client’s projects. Most of the information available can be boiled down into 4 key concepts, or what can be called the 4 cornerstones of great CM. These concepts represent ideals. The challenge is in the implementation, so that the policies, procedures, and utilities developed support these ideals, or at least the intent behind them.

  1. Version Control : Everything is maintained in a Version Control tool like Serena’s. Some agreed set of items (Configuration Items, or CIs for short) stored within the tool represents a baseline. In other words, they are the set of revisions currently in production. They are not necessarily the most recent revisions. Builds intended for deployment to any post-development environment (QA, Test, Prod, whatever) are always pulled from Version Control, and never copied directly from a development environment.
  2. Separation of Duties and Least Privilege : Actually, these are two principles lumped together, because Least Privilege is not possible without Separation of Duties, and Separation of Duties is pointless without Least Privilege. The former simply means that no single person has independent responsibility over more than one area of a system. For example, developers change code, perform unit tests, etc., but do not deploy or promote such code to any non-development environment. CM people promote code, but do not develop applications, nor do they approve code changes made by developers (although they may participate in code reviews).
     DBAs have database privileges, but don’t develop application code nor act as system admins. And so on. The Least Privilege principle simply states that no person or running process has more access or system privilege than they need to perform their normal duties or functions at any point in time. Access or privilege for either people or processes can temporarily be increased during the performance of some activity as necessary, then immediately restricted again. Policies implementing these controls make allowances in both principles for emergency situations, with the emergency access itself logged and reviewed afterwards.
  3. Auditing : CM personnel periodically conduct audits of applications, systems, and procedures. Any updated application software or configurable item should be traceable to an approved change request, as well as through the entire set of existing quality control, tech review, and change control procedures. This includes not only application executables but database configurations as well. All items are compared with their baseline counterparts in the Version Control repository (i.e., the revisions marked as ‘Production’). Discrepancies are reported as non-compliance issues and investigated, and will generally lead to procedural changes designed to eliminate future non-compliance.
  4. Automate, Automate, Automate : This one is an over-riding theme for how we accomplish all this with limited resources. Checking items out of and into Version Control should be quick and painless, and integrated into development IDEs (Integrated Development Environments) if possible. Code promotions are scripted. Database changes are scripted. Auditing utilities are scripted. These scripts themselves are subject to review and kept in version control. Tying it all together gives us reliable, secure systems built with verifiable, repeatable and efficient processes.
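As an added example of the Auditing and Automate points (my code, not from the original article, and not tied to Serena’s or any other product), the PowerShell script below builds a manifest of SHA-256 hashes from an export of the Production baseline, hashes the deployed tree the same way, and reports every file that is missing, modified, or absent from the baseline as a non-compliance finding. The directory names and file contents are constructed for the demo, and Get-FileHash needs PowerShell 4.0 or later. In real use the baseline export would be pulled from Version Control by the tag that marks it Production, and the manifest itself would be kept there too, so that nobody can satisfy the audit by editing the manifest on the server.

```powershell
# Added example, not code from the original article. Requires PowerShell 4.0+
# for Get-FileHash. Directory layout and file contents below are constructed.

# Build a manifest (relative path -> SHA-256) for every file under $Root.
function New-BaselineManifest {
    param([Parameter(Mandatory)] [string] $Root)
    $base = (Resolve-Path $Root).Path
    $manifest = @{}
    Get-ChildItem -Path $base -Recurse -File | ForEach-Object {
        $relative = $_.FullName.Substring($base.Length).TrimStart('\', '/')
        $manifest[$relative] = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
    }
    return $manifest
}

# Compare a deployed tree against the baseline manifest. Anything missing,
# modified, or not in the baseline at all is a non-compliance finding.
function Test-DeploymentAgainstBaseline {
    param(
        [Parameter(Mandatory)] [hashtable] $Baseline,
        [Parameter(Mandatory)] [string] $DeployedRoot
    )
    $deployed = New-BaselineManifest -Root $DeployedRoot
    $findings = @()
    foreach ($path in $Baseline.Keys) {
        if (-not $deployed.ContainsKey($path)) {
            $findings += [PSCustomObject]@{ Path = $path; Finding = 'Missing' }
        } elseif ($deployed[$path] -ne $Baseline[$path]) {
            $findings += [PSCustomObject]@{ Path = $path; Finding = 'Modified' }
        }
    }
    foreach ($path in $deployed.Keys) {
        if (-not $Baseline.ContainsKey($path)) {
            $findings += [PSCustomObject]@{ Path = $path; Finding = 'Unexpected' }
        }
    }
    return $findings
}

# --- Demo with constructed data ---
$work     = Join-Path ([IO.Path]::GetTempPath()) ("cm-audit-" + [Guid]::NewGuid())
$release  = Join-Path $work 'release'    # stands in for the Production baseline export
$deployed = Join-Path $work 'deployed'   # stands in for the target server

New-Item -ItemType Directory -Force -Path "$release\bin", $deployed | Out-Null
Set-Content "$release\bin\app.exe" 'release build 1.4.2'
Set-Content "$release\web.config"  '<configuration />'
Copy-Item -Path "$release\*" -Destination $deployed -Recurse

# Simulate what an audit is meant to catch: a config edited in place on the
# server, and a file copied straight from a developer's workstation.
Set-Content "$deployed\web.config"    '<configuration><debug>true</debug></configuration>'
Set-Content "$deployed\bin\hotfix.dll" 'not from version control'

$baseline = New-BaselineManifest -Root $release
$findings = Test-DeploymentAgainstBaseline -Baseline $baseline -DeployedRoot $deployed

# Expected findings: web.config Modified, bin\hotfix.dll Unexpected.
$findings | Format-Table -AutoSize

Remove-Item -Path $work -Recurse -Force
```

The findings are the raw material for the non-compliance report; the investigation that follows each one (who changed web.config, where hotfix.dll came from, which change request, if any, covers them) is the part that still needs a person, and is what drives the procedural fixes the article describes.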


The RIAA’s Investigators Operating Illegally?

The Recording Industry Association of America (RIAA) is the trade group trying to enforce copyrights by suing suspected file sharers. It employs MediaSentry to gather forensic evidence from the computers of suspected violators, which opens up for scrutiny not only shared music, but any personal information stored on those PCs. Recently, MediaSentry has come under fire for gathering evidence to be used in court cases without holding Private Investigator (PI) licenses. Massachusetts has ordered it to cease operations there until it obtains the proper licenses. Several other states, including Michigan, have issued various statements and warnings. This gives defendants a chance of getting the evidence disallowed at trial, and opens the door to claims from past defendants who settled out of court on the strength of evidence that may not have been legally obtained. So far, MediaSentry has taken the stance that its role in the investigations does not require a PI license. This story bears watching closely. If anyone successfully challenges the evidence gathered by MediaSentry, and it follows that they have to obtain PI licenses going forward, how many counter-suits from past cases will suddenly be filed by defendants who settled on the strength of evidence that would not have been admitted in court?

Courts Can’t Force You To Reveal Your Passwords and Encryption Keys

Another case making headlines lately involves a grand jury’s attempt to order a defendant to reveal his encryption password so that prosecutors could access the files on his hard drive. A federal magistrate judge ruled the grand jury’s subpoena unconstitutional, holding that producing the password would be testimonial and therefore protected by the 5th Amendment, which basically prohibits forcing defendants to testify against themselves. The government has appealed. If the suspect – a Canadian with U.S. residency by the name of Sebastien Boucher – is actually guilty of child pornography, I hope the government finds enough evidence to convict him without violating his 5th Amendment rights.

